如何更改群组所有成员的日历权限?
How to change calendar permissions for all members of a group?
我目前正在尝试使用 powershell 更改一部分用户的 Outlook 日历权限,以便他们都可以查看彼此的日历详细信息。
到目前为止,我已经能够找到更改单个用户和组织中所有用户权限的命令 - 但尚未确定如何将这些更改仅应用于一个组。
这是我找到的修改所有用户权限的脚本:
foreach($user in Get-Mailbox -RecipientTypeDetails UserMailbox) {
$cal = $user.alias+”:\Calendar”
Set-MailboxFolderPermission -Identity $cal -User Default -AccessRights LimitedDetails
}
为了仅将其应用于一组用户,我的以下修改是否正确?
foreach($user in Get-MsolGroupMember -Identity "Name of Group") {
$cal = $user.alias+”:\Calendar”
Set-MailboxFolderPermission -Identity $cal -User Default -AccessRights LimitedDetails
}
您需要先找到组作为对象,因为 Get-MsolGroupMember 没有 -Identity 参数。
然后使用它来获取其用户的信息:
$groupToFind = 'DisplayName of Group'
$permissions = 'LimitedDetails'
$group = Get-MsolGroup | Where-Object { $_.DisplayName -eq $groupToFind }
if ($group) {
# get the group members (users only) and run through
Get-MsolGroupMember -GroupObjectId $group.ObjectId -MemberObjectTypes User -All | ForEach-Object {
$cal = '{0}:\Calendar' -f $_.Alias
$perms = Get-MailboxFolderPermission -Identity $cal -User Default
if ($perms.AccessRights -contains $permissions) {
Write-Host "User $($_.Alias) already has the '$permissions' permission"
}
else {
Write-Host "Setting permissions on $cal"
# for safety, first run with the -WhatIf switch. If you are satisfied with what
# is output on screen, remove or comment out that switch and run again
Set-MailboxFolderPermission -Identity $cal -User Default -AccessRights $permissions -WhatIf
}
}
}
else {
Write-Warning "Could not find group '$groupToFind'..."
}
除了在 Get-MsolGroup 上使用 Where-Object 子句,您还可以使用 Get-MsolGroup -SearchString $groupToFind,但要注意使用 -SearchString 将 return 显示名称以此字符串开头的组。
如果您收到 “命令成功完成,未更改任何权限”,这可能意味着用户首先需要获得 so-called 顶部的权限信息存储(即邮箱文件夹本身):
Get-MsolGroupMember -GroupObjectId $group.ObjectId -MemberObjectTypes User -All | ForEach-Object {
$top = '{0}:\' -f $_.Alias # Top of Information Store
$cal = '{0}:\Calendar' -f $_.Alias
Add-MailboxFolderPermission -Identity $top -User Default -AccessRights FolderVisible -Confirm:$false
Set-MailboxFolderPermission -Identity $cal -User Default -AccessRights LimitedDetails -Confirm:$false
}
P.S。因为 Outlook 在缓存中运行,所以需要时间来反映那里的更改。
我目前正在尝试使用 powershell 更改一部分用户的 Outlook 日历权限,以便他们都可以查看彼此的日历详细信息。
到目前为止,我已经能够找到更改单个用户和组织中所有用户权限的命令 - 但尚未确定如何将这些更改仅应用于一个组。
这是我找到的修改所有用户权限的脚本:
foreach($user in Get-Mailbox -RecipientTypeDetails UserMailbox) {
$cal = $user.alias+”:\Calendar”
Set-MailboxFolderPermission -Identity $cal -User Default -AccessRights LimitedDetails
}
为了仅将其应用于一组用户,我的以下修改是否正确?
foreach($user in Get-MsolGroupMember -Identity "Name of Group") {
$cal = $user.alias+”:\Calendar”
Set-MailboxFolderPermission -Identity $cal -User Default -AccessRights LimitedDetails
}
您需要先找到组作为对象,因为 Get-MsolGroupMember 没有 -Identity 参数。
然后使用它来获取其用户的信息:
$groupToFind = 'DisplayName of Group'
$permissions = 'LimitedDetails'
$group = Get-MsolGroup | Where-Object { $_.DisplayName -eq $groupToFind }
if ($group) {
# get the group members (users only) and run through
Get-MsolGroupMember -GroupObjectId $group.ObjectId -MemberObjectTypes User -All | ForEach-Object {
$cal = '{0}:\Calendar' -f $_.Alias
$perms = Get-MailboxFolderPermission -Identity $cal -User Default
if ($perms.AccessRights -contains $permissions) {
Write-Host "User $($_.Alias) already has the '$permissions' permission"
}
else {
Write-Host "Setting permissions on $cal"
# for safety, first run with the -WhatIf switch. If you are satisfied with what
# is output on screen, remove or comment out that switch and run again
Set-MailboxFolderPermission -Identity $cal -User Default -AccessRights $permissions -WhatIf
}
}
}
else {
Write-Warning "Could not find group '$groupToFind'..."
}
除了在 Get-MsolGroup 上使用 Where-Object 子句,您还可以使用 Get-MsolGroup -SearchString $groupToFind,但要注意使用 -SearchString 将 return 显示名称以此字符串开头的组。
如果您收到 “命令成功完成,未更改任何权限”,这可能意味着用户首先需要获得 so-called 顶部的权限信息存储(即邮箱文件夹本身):
Get-MsolGroupMember -GroupObjectId $group.ObjectId -MemberObjectTypes User -All | ForEach-Object {
$top = '{0}:\' -f $_.Alias # Top of Information Store
$cal = '{0}:\Calendar' -f $_.Alias
Add-MailboxFolderPermission -Identity $top -User Default -AccessRights FolderVisible -Confirm:$false
Set-MailboxFolderPermission -Identity $cal -User Default -AccessRights LimitedDetails -Confirm:$false
}
P.S。因为 Outlook 在缓存中运行,所以需要时间来反映那里的更改。